基于渗透测试的网络安全漏洞实时侦测技术研究

传统网络安全漏洞侦测技术无法准确得到攻击注入点,和服务器交互频繁,导致侦测结果不可靠、效率低下。为此,提出一种新的基于渗透测试的网络安全漏洞实时侦测技术。设计了渗透测试下网络安全漏洞实时侦测系统,构建系统架构,在生成攻击图时,将网络当前节点漏洞看作单位编码,利用进化计算对不同漏洞属性权重进行调整,获取攻击图库。在设计攻击注入点分析模块时,利用广度优先爬取法,依据网页目录层次实现网络页面爬取;通过爬取过程获取网络全部页面攻击注入点,根据Bloom Filter对重复的URL进行去重处理。利用渗透测试实现攻击和分析模块设计,以此生成攻击图对注入点注入攻击;对攻击反馈进行研究,判断注入点是否存在网络安全漏洞。渗透测试时为了降低交互频率,通过探子请求技术完成探测,对是否进行进一步侦测进行判断。实验结果表明,所提技术侦测结果可靠,效率高。

Research on Real Time Detection of Network Security Vulnerability Based on Penetration Test

The traditional network security detection technology can not get the attack injection point accurately, and interact frequently with the server, which results in the unreliable detection results and low efficiency. To this end, a new network security vulnerability detection technology based on penetration test is proposed. A real-time vulnerability detection system based on penetration testing is designed, and the system architecture is constructed. When generating attack graph, the current node vulnerability is regarded as unit code, and the weight of different vulnerability attributes is adjusted by evolutionary computation to obtain attack gallery. When designing the attack injection point analysis module, we use breadth first crawling method to achieve web page crawling based on web directory level, get all web page attack injection points by crawling process, and re process repeat URL according to BloomFilter. The penetration and testing module is applied to design the attack and analysis module, so as to generate attack graph injection point attack, and attack feedback research, to determine whether there is a network security vulnerability. In order to reduce the interaction frequency, the penetration test can be used to detect and judge whether further detection is carried out. The experimental results show that the detection results are reliable and efficient.